Virtual Patching: Patch Those Vulnerabilities before They Can Be Exploited

Vulnerabilities can adversely affect an organization beyond its bottom line. They can also risk the privacy of personally identifiable information (PII) that, when compromised, can have real-life consequences. They undermine not only a company’s reputation — they also undermine the integrity of the infrastructures that store and manage this sensitive data.

The Equifax data breach is a case in point. By exploiting a vulnerability (CVE-2017-5638) in the company's application framework, attackers gained unauthorized access to its network and systems. The attack exposed PII of 145.5 million U.S. citizens and 15.2 million U.K. customers, and resulted in financial losses expected to reach US$439 million.

Indeed, a single vulnerable endpoint, network, server, or application is sometimes all it takes to affect millions. Shellshock, Heartbleed, Poodle, and EternalBlue are just some of the notorious security flaws that leave doors open to data-stealing malware and other attacks. There are countless more. In fact, there were 1,522 publicly reported vulnerabilities in 2017, and 929 of these vulnerabilities, which were disclosed through Trend Micro’s Zero Day Initiative (ZDI), were rated “critical” or “high” in severity.

Patching significantly reduces an enterprise’s exposure to these threats. However, it continues to be a perennial challenge for many organizations. In fact, surveyed organizations took an average of 197 days just to identify a data breach. The difficulty of preventing data breaches is compounded by the added task of monitoring internet-of-things (IoT) devices and industrial-internet-of-things (IIoT) systems. IT and security teams may also find it arduous, if not virtually impossible, to download, test, and deploy patches for all vulnerabilities before they’re exploited, all while keeping gateways, endpoints, networks, and servers up and running.

Why enterprises take longer to apply patches

Vendors usually patch vulnerabilities, especially when they're considered critical. However, not all organizations and users apply them, or apply them immediately, and IT personnel are often left in a state of flux. The average organization takes over 30 days to patch standard operating systems and applications, and months or years to patch more complex business applications and systems.

Uptime preservation. IT personnel might be hesitant to patch as it could involve downtime while critical business servers are offline.

Cost reduction. Migrating from and replacing legacy systems or upgrading applications developed in-house could be costly and time-consuming. In effect, IT groups become hesitant to fix or replace something that still functions regardless of its version.

These challenges can expose enterprises to risks such as network, system, endpoint, and security policy compromise, exposure of personal and mission-critical data, and ultimately, reputation damage and financial losses. Addressing these requires the right tools. Technologies like virtual patching can help complement existing patch management processes by shielding known and unknown vulnerabilities. Virtual patching acts as an agentless emergency security tool that enterprises can use to quickly remedy vulnerabilities on affected servers and endpoints.